Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20326.roa
File: AS20326.roa (raw, json)
Hash identifier: ueLn8frb29kJFInt6OmlBBilvOFyuqb6N7fXhG1WOuc=
Subject key identifier: 2A:13:31:9F:8C:F7:16:8A:C8:59:5A:10:A2:E9:B9:3E:D3:EA:56:EE
Certificate issuer: /CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Certificate serial: 2B98B98851551017AE59881D3572D6737153426B
Authority key identifier: 61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20326.roa
Signing time: Mon 23 Mar 2026 15:48:46 +0000
ROA not before: Mon 23 Mar 2026 15:43:46 +0000
ROA not after: Mon 22 Mar 2027 15:48:46 +0000
asID: 20326
IP address blocks: 181.215.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.mft
rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Mar 2026 00:55:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:98:b9:88:51:55:10:17:ae:59:88:1d:35:72:d6:73:71:53:42:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61b1bb4447718f16b3d36675d205c4dea41bba0a
Validity
Not Before: Mar 23 15:43:46 2026 GMT
Not After : Mar 22 15:48:46 2027 GMT
Subject: CN=2A13319F8CF7168AC8595A10A2E9B93ED3EA56EE
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c7:5a:c9:b2:40:a8:ea:bc:68:16:86:85:78:
db:e0:12:d4:36:f5:5e:d2:57:16:91:7c:17:3e:2b:
7c:46:89:19:48:5e:de:31:f6:93:80:40:31:ae:49:
e0:e5:86:62:1e:66:29:4a:f9:71:92:5d:67:bb:97:
0a:89:20:53:01:25:26:32:ce:b2:8d:5f:6e:af:92:
16:ea:2e:db:eb:35:54:14:18:86:8a:cb:d3:cc:53:
39:05:59:05:08:6b:3c:ad:bf:f4:83:ed:45:47:f9:
8d:ab:a7:29:67:44:c2:1e:ed:58:ec:fd:20:25:6f:
a7:65:fe:5e:54:48:e8:8b:e8:84:a8:b3:3e:d0:55:
4f:8a:8b:9c:92:d5:82:71:13:a7:18:68:d7:96:3b:
b6:a2:20:19:be:6f:fa:1b:77:12:7f:38:39:3f:59:
01:0c:13:dc:6f:1e:9c:f7:0f:24:19:cb:81:3f:de:
ce:4d:a0:35:ce:5d:09:e1:f1:f2:2c:08:91:65:be:
e0:77:80:9c:f1:c1:9a:c1:3f:a9:3c:ab:58:49:3d:
c5:fa:95:1d:1b:d3:65:fb:7b:d4:52:31:07:3f:8f:
51:df:92:61:99:86:d1:7a:ce:c6:9a:23:26:26:e5:
48:90:b9:42:58:5f:d2:21:19:14:85:d6:1b:a5:9d:
08:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:13:31:9F:8C:F7:16:8A:C8:59:5A:10:A2:E9:B9:3E:D3:EA:56:EE
X509v3 Authority Key Identifier:
keyid:61:B1:BB:44:47:71:8F:16:B3:D3:66:75:D2:05:C4:DE:A4:1B:BA:0A
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/61B1BB4447718F16B3D36675D205C4DEA41BBA0A.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YbG7REdxjxaz02Z10gXE3qQbugo.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/537459e7-2a83-43d1-9aa1-58417abac4b6/1/AS20326.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
181.215.23.0/24
Signature Algorithm: sha256WithRSAEncryption
32:07:18:c8:7e:75:02:7a:87:40:a3:2b:3b:d3:0d:e7:26:b3:
e9:fa:b8:10:4e:3c:e7:8b:1e:6a:77:74:0e:cb:a3:30:d9:d5:
1c:49:ae:37:d0:d6:0d:be:5c:e0:10:a6:87:12:8f:2f:ea:9f:
55:0d:1a:1f:de:7f:0c:bd:4b:80:c2:cc:05:ed:38:58:9a:0b:
2d:a0:ce:7a:5c:28:e2:02:73:58:c6:6a:a2:5b:af:66:5a:1c:
84:d8:79:47:73:60:5d:51:3c:57:6c:49:36:72:08:aa:bb:4a:
84:e4:12:e1:7a:b0:ac:b4:9e:3f:76:51:d9:f3:a4:b4:27:8f:
a1:70:d9:25:37:fc:49:72:c4:6c:d0:92:52:1d:9f:94:73:38:
70:c6:ac:3e:07:a9:63:8b:5c:66:9b:08:50:02:47:af:1d:d9:
d5:6a:d0:3b:9d:70:54:d8:40:ce:6e:2b:eb:6b:7a:ff:f5:98:
08:47:e4:35:0d:c6:1a:be:b1:aa:08:7a:fd:a7:01:20:f7:ba:
22:60:91:a8:40:88:96:6b:45:86:8b:22:63:a6:46:e0:a7:5f:
d6:4d:c0:33:96:19:07:06:36:c6:ae:d3:9d:e7:ec:dd:43:38:
b7:77:79:39:15:89:5c:c5:d6:bc:c6:f7:1a:c5:b9:ee:99:a3:
bb:90:40:9d
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIUK5i5iFFVEBeuWYgdNXLWc3FTQmswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNjFiMWJiNDQ0NzcxOGYxNmIzZDM2Njc1ZDIwNWM0ZGVh
NDFiYmEwYTAeFw0yNjAzMjMxNTQzNDZaFw0yNzAzMjIxNTQ4NDZaMDMxMTAvBgNV
BAMTKDJBMTMzMTlGOENGNzE2OEFDODU5NUExMEEyRTlCOTNFRDNFQTU2RUUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpx1rJskCo6rxoFoaFeNvgEtQ2
9V7SVxaRfBc+K3xGiRlIXt4x9pOAQDGuSeDlhmIeZilK+XGSXWe7lwqJIFMBJSYy
zrKNX26vkhbqLtvrNVQUGIaKy9PMUzkFWQUIazytv/SD7UVH+Y2rpylnRMIe7Vjs
/SAlb6dl/l5USOiL6ISosz7QVU+Ki5yS1YJxE6cYaNeWO7aiIBm+b/obdxJ/ODk/
WQEME9xvHpz3DyQZy4E/3s5NoDXOXQnh8fIsCJFlvuB3gJzxwZrBP6k8q1hJPcX6
lR0b02X7e9RSMQc/j1HfkmGZhtF6zsaaIyYm5UiQuUJYX9IhGRSF1hulnQi3AgMB
AAGjggIJMIICBTAdBgNVHQ4EFgQUKhMxn4z3ForIWVoQoum5PtPqVu4wHwYDVR0j
BBgwFoAUYbG7REdxjxaz02Z10gXE3qQbugowDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNTM3NDU5ZTctMmE4My00M2QxLTlhYTEtNTg0MTdhYmFj
NGI2LzEvNjFCMUJCNDQ0NzcxOEYxNkIzRDM2Njc1RDIwNUM0REVBNDFCQkEwQS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1liRzdSRWR4anhhejAyWjEwZ1hFM3FR
YnVnby5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzUzNzQ1OWU3LTJhODMt
NDNkMS05YWExLTU4NDE3YWJhYzRiNi8xL0FTMjAzMjYucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAC11xcw
DQYJKoZIhvcNAQELBQADggEBADIHGMh+dQJ6h0CjKzvTDecms+n6uBBOPOeLHmp3
dA7LozDZ1RxJrjfQ1g2+XOAQpocSjy/qn1UNGh/efwy9S4DCzAXtOFiaCy2gznpc
KOICc1jGaqJbr2ZaHITYeUdzYF1RPFdsSTZyCKq7SoTkEuF6sKy0nj92UdnzpLQn
j6Fw2SU3/ElyxGzQklIdn5RzOHDGrD4HqWOLXGabCFACR68d2dVq0DudcFTYQM5u
K+trev/1mAhH5DUNxhq+saoIev2nASD3uiJgkahAiJZrRYaLImOmRuCnX9ZNwDOW
GQcGNsau053n7N1DOLd3eTkViVzF1rzG9xrFue6Zo7uQQJ0=
-----END CERTIFICATE-----
Generated at Sat Mar 28 10:17:55 2026 by rpki-client